Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

3aaf128544...18.exe

windows7-x64

6

3aaf128544...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3aaf12854480f132eda76b79c4a0aba5_JaffaCakes118

  • Size

    766KB

  • Sample

    240711-zq55bswdmh

  • MD5

    3aaf12854480f132eda76b79c4a0aba5

  • SHA1

    a057ad2685260dcbe73e9194fbed700bcb51e621

  • SHA256

    d02a59a044460278a69de4126c143453a1e8527f89ba8e07b6278191698b54e9

  • SHA512

    188f71e16a8476a6956a6278087e8457a9f0188634353e5acdef21ef1049de8cb634ab06bc93236892f8a7ce50aa997c2d20811737ffe9623d08a97872ae6c1c

  • SSDEEP

    12288:YlNPK59a9tmaFonKp+qVQAR60ni6f3hu/7b/kdGt6+tbDMzN/4vsKa1z3L3r2YuR:eNPKnitmEocQAYWi6P0Dzkd66+tfMzN0

Score
10/10
persistence

Malware Config

Targets

    • Target

      3aaf12854480f132eda76b79c4a0aba5_JaffaCakes118

    • Size

      766KB

    • MD5

      3aaf12854480f132eda76b79c4a0aba5

    • SHA1

      a057ad2685260dcbe73e9194fbed700bcb51e621

    • SHA256

      d02a59a044460278a69de4126c143453a1e8527f89ba8e07b6278191698b54e9

    • SHA512

      188f71e16a8476a6956a6278087e8457a9f0188634353e5acdef21ef1049de8cb634ab06bc93236892f8a7ce50aa997c2d20811737ffe9623d08a97872ae6c1c

    • SSDEEP

      12288:YlNPK59a9tmaFonKp+qVQAR60ni6f3hu/7b/kdGt6+tbDMzN/4vsKa1z3L3r2YuR:eNPKnitmEocQAYWi6P0Dzkd66+tfMzN0

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks